Encrypting Emails with Microsoft Exchange Online

Securing your company’s data isn’t limited to protecting documents, spreadsheets, and other files that contain sensitive information. Your emails, instant messages, and contacts also need to be protected. A way to secure company emails is through email encryption which essentially encodes messages or information in a specific way so that only authorized parties can read them. Luckily for those using Exchange Online, companies can get users can access their email, make calendar appointments, and manage contacts through the familiar Microsoft Outlook interface – but with getting enterprise level security and encryption from Microsoft.

Data Integrity and Encryption

According to Microsoft, “All Office 365 services follow industry cryptographic standards such as SSL/TLS (Secure Sockets Layer/Transport Layer Security), AES etc. to protect confidentiality and integrity of data.” Through secure client-to-server connections any data that is created, stored, or transmitted through an Office 365 application, including email, data remains confidential as it moves from devices such as a workstation, laptop, or mobile phone to the cloud.

Microsoft also uses BitLocker via Advanced Encrypting Standard (AES) for encrypting data on servers that hold all messaging data that includes emails and instant messages (sent through Skype for Business which replaced Microsoft Lync this year).

Encrypted Emails with Azure Rights Management

Systems Administrators have the option to set up encrypted emails through Microsoft Exchange Online. This option is known as Office 365 Message Encryption (OME) which requires a subscription to Azure Rights Management. For the higher-level Office 365 Enterprise editions, Azure Rights Management is included. However, companies with a lower-tier Office 365 subscription can add Azure Rights Management for $2.00 per user, via an annual commitment.

With Azure Rights Management in place, OME allows users to send encrypted emails not only internally, but to users outside of the organization who are not on the same domain, let alone email provider. What this allows employees to do is to send secured, encrypted emails to customers, vendors, and other outside individuals via any email address including those from free email providers such as Gmail, Yahoo! Mail, and Hotmail.

How OME Operates

Through the Office 365 admin console, system admins can establish rules that identify specific instances which require a message be encrypted. When an employee sends an email which includes data, keywords, or other parameters that are configured in the control panel as an email that needs to be encrypted, OME encrypts the email automatically.

Recipients of an encrypted email will receive an email with a message and an HTML attachment. Upon opening the attachment, the receiver is directed to a secured viewing portal where they are given a one-time password (with an expiration of 15 minutes). If the recipient has a Microsoft account (either an Outlook.com account, an Office 365 subscription, or other Microsoft account) they can use their Microsoft credentials to log-in and receive the encrypted message. When a user responds to an encrypted email, the response is also encrypted as it is sent back.

Businesses can purchase Exchange Online as a stand-alone offering or as part of an Office 365 subscription. Either way, Exchange Online benefits from powerful data integrity and encryption options that are available across Office 365 applications.

Are you interested in learning more about how you can secure your company’s emails with Office 365? Roan Solutions can help find the best option and level of service for your business so you can be on your way to sending and receiving secured and encrypted emails.

Posted in News
Sign Up to the IT Newsletter from Roan Solutions:
* indicates required

Featuring Recent Posts WordPress Widget development by YD